package top.suven.base.http.admin.frame.shiro;

import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.SimpleCredentialsMatcher;
import top.suven.base.http.admin.old.model.SysAdmin;
import top.suven.base.util.utilize.MD5Util;

/**
 * @ClassName:
 * @Description:
 * @Author lixiangling
 * @Date 2018/8/6 16:11
 * @Copyright: (c) 2018 gc by https://www.gc.com.cn/
 * @Version : 1.0.0
 * --------------------------------------------------------
 * modifyer    modifyTime                 comment
 * <p>
 * --------------------------------------------------------
 */
public class AuthMatcher  extends SimpleCredentialsMatcher {
    public static final String USER_PWRD_SALT = "##";

    public static final String USER_DEFAULT_PWRD = "123456";
    @Override
    public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
        UsernamePasswordToken utoken = (UsernamePasswordToken) token;
        //获得用户输入的密码:(可以采用加盐(salt)的方式去检验)
        String inPassword = new String(utoken.getPassword());
        //获得数据库中的密码
        String dbPassword = (String)info.getCredentials();
        SysAdmin admin = (SysAdmin)info.getPrincipals().getPrimaryPrincipal();
        if(!inPassword.matches("^.{8,}$")){
            return false;
        }
        if(!(inPassword.matches("^.{8,}$") && inPassword.matches("^.*[a-z]+.*$") && inPassword.matches("^.*[0-9]+.*$") && (inPassword.matches("^.*[A-Z]+.*$"))||inPassword.matches("^.*[/^/$/.//,;:'!@#%&/*/|/?/+/(/)/[/]/{/}]+.*$"))){
            return false;
        }
        if (!MD5Util.md5Hex(utoken.getUsername() + USER_PWRD_SALT + inPassword).equals(dbPassword)) {
            return false;
        }

        if(dbPassword.equals(MD5Util.md5Hex(admin.getAdminCode()+ USER_PWRD_SALT + USER_DEFAULT_PWRD))){
            return false;
        }
        return true;
    }

}
